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THE MAILING DATE OF THIS COMMUNICATION. 
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Status 

1)H Responsive to communications) filed on 30 January 2004 . 
2a)D This action is FINAL. 2b)|3 This action is non-final. 
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closed in accordance with the practice under Ex parte Quayfe, 1935 CD. 1 1 , 453 O.G. 213. 
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10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 
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Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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DETAILED ACTION 



1. 



This Action is in regards to the Amendment and Response received on 30 January 2004. 



Claim Rejections - 35 USC § 101 



2. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

Claims 1-8 are rejected under 35 U.S.C. 101 because the claimed invention is directed to 
non- statutory subject matter. 

Regarding claims 1-8, describes only a "method comprising . . . adapted to . . .generate 
filters". Rendering the claim(s) as reciting only an abstract idea. The claim(s) equate merely to 
a data structure per se, which does not serve a specific function, nor provide functionality to 
obtain any type of recited utility. Additionally, no storage medium for the data structure has 
been specified, e.g., embodiment on a computer readable medium. Further, any assumed 
computer readable medium containing the data structure(s) do not fall within one of the five 
categories of statutory subject matter, namely, new and useful process, machine, manufacture, 
composition of matter, or any new and useful improvement thereof. Claims to processes that do 
nothing more than solve mathematical problems or manipulate abstract ideas or concepts are 
more complex to analyze and are addressed below. If the "acts" of a claimed process manipulate 
only numbers, abstract concepts or ideas, or signals representing any of the foregoing, the acts 
are not being applied to appropriate subject matter. Schrader, 22 F.3d at 294-95, 30 USPQ2d at 
1458-59. Thus, a process consisting solely of mathematical operations, i.e., converting one set of 
numbers into another set of numbers, does not manipulate appropriate subject matter and thus 
cannot constitute a statutory process. See MPEP 2106(IV)(B)(l)(b). In practical terms, claims 
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define nonstatutory processes if they: - consist solely of mathematical operations without some 
claimed practical application (i.e., executing a "mathematical algorithm"); or - simply 
manipulate abstract ideas, e.g., a bid (Schrader, 22 F.3d at 293-94, 30 USPQ2d at 1458-59) or a 
bubble hierarchy (Warmerdam, 33 F.3d at 1360, 31 USPQ2d at 1759), without some claimed 
practical application. Cf. Alappat, 33 F.3d at 1543 n.19, 31 USPQ2d at 1556 n.19 in which the 
Federal Circuit recognized the confusion: The Supreme Court has not been clear ... as to 
whether such subject matter is excluded from the scope of 101 because it represents laws of 
nature, natural phenomena, or abstract ideas. See Diehr, 450 U.S. at 186 (viewed mathematical 
algorithm as a law of nature); Gottschalk v. Benson, 409 U.S. 63, 71-72 (1972) (treated 
mathematical algorithm as an "idea"). The Supreme Court also has not been clear as to exactly 
what kind of mathematical subject matter may not be patented. The Supreme Court has used, 
among others, the terms "mathematical algorithm," "mathematical formula," and "mathematical 
equation" to describe types of mathematical subject matter not entitled to patent protection 
standing alone. The Supreme Court has not set forth, however, any consistent or clear 
explanation of what it intended by such terms or how these terms are related, if at all. Certain 
mathematical algorithms have been held to be nonstatutory because they represent a 
mathematical definition of a law of nature or a natural phenomenon. For example, a 
mathematical algorithm representing the formula E = mc2 is a "law of nature" — it defines a 
"fundamental scientific truth" (i.e., the relationship between energy and mass). To comprehend 
how the law of nature relates to any object, one invariably has to perform certain steps (e.g., 
multiplying a number representing the mass of an object by the square of a number representing 
the speed of light). In such a case, a claimed process which consists solely of the steps that one 
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must follow to solve the mathematical representation of E = mc2 is indistinguishable from the 
law of nature and would "preempt" the law of nature. A patent cannot be granted on such a 
process. The invention, as presently claimed, clearly recited "a method, comprising . . . adapted 
to. . . generate access filters", without being executed by hardware, but the invention as claimed, 
does not do anything, nor does the claimed invention actually impart any specific functionality to 
any device, including any assumed computerized equipment in the technological art. 

Claim Rejections - 35 (JSC §112 

3. The following is a quotation of the first paragraph of 35 U.S. C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

Claims 1-8 are rejected under 35 U.S.C. 1 12, first paragraph. Specifically, since the 
claimed invention is not supported by either a technological asserted utility or a well established 
utility for the reasons set forth above, one skilled in the art clearly would not know how to use 
the claimed invention. 

Claim Rejections - 35 USC § 112 

4. Claims 1-21 are rejected under 35 U.S.C. 1 12, first paragraph, as based on a disclosure 
which is not enabling. Applicant's specification lacks the proper teachings that are critical or 
essential to the practice of the invention, but not included in the claim(s) is not enabled by the 
disclosure. See In re Mayhew, 527 F.2d 1229, 188 USPQ 356 (CCPA 1976). In claim 1, 
Applicant claims to "at least to remove duplicate policy rules and to form simplified policy rules. 
Applicant states that rules simplification reduces a policy group into a rule that preferable 
contains no irrelevant or redundant information. Applicant does not teach within the 
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specification that duplicate policy rules are removed. Applicant states on pages 8 and 9 that the 
information or data within the rules that is redundant or irrelevant is removed. Applicant has not 
provided the details that teach that the duplicate policy rules are removed. It would require undue 
experimentation for one of ordinary skill in the networking art at the time the invention was 
made to be able to remove redundant policy rules. 

Claim Rejections - 35 USC §103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 1, 2, 9, 14, 15 and 18-21 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Gai et al (Gai), U.S. Patent No. 6,167,445 in view of Corl, Jr. et al. (Corl), 
U.S. Patent No. 6,473,763. 

7. Regarding claim 1, Gai discloses the invention substantially as claimed. Gai discloses a 
method, comprising: obtaining policy rules (Gai teaches receiving policies at one or more policy 
servers within a network domain), [see Gai, abstract, Col. 5, lines 63-67 and Col. 6, lines 1-26] 
and simplifying said policy rules, based on said simplified policy rules, creating an access 
control list adapted to configure a network device (Gai teaches as tables are loaded and/or 
updated, a policy rule generating engine accesses information and creates one or more rules that 
can be transmitted to intermediate devices within a respective domain and that these rules 
include one or more access control lists), [see Gai, Col. 13, lines 60-67 and Col. 14, lines 1-22]; 
and using the access control list to generate access filters (Gai teaches that the access control 
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lists object that contains a list of criteria statements (filters) to be applied to the packets), [see 
Gai, Col. 3, lines 60-65 and Col. 15, lines 5-55]. Eventhough, Gai does disclose simplified 
policy rules. However, Gai does not explicitly disclose at least to remove duplicate policy rules. 

8. In the same field of endeavor, Corl discloses (system, method and computer program for 
filtering multi-action rule set). Corl discloses at least to remove duplicate policy rules and to 
form simplified policy rules [see Corl, Col. 10, lines 21-33 and Col. 12, lines 36-51]. 

9. Accordingly, it would have been obvious to one of ordinary skill in the networking art at 
the time the invention was made to have incorporated Corl's teachings of a system, method and 
computer program for filtering multi-action rule set with the teachings of Gai, for the purpose of 
eliminating or removing duplicate subtrees of a filter in order to facilitate the reduction in cost 
for storage of the decision tree [see Corl, Col. 12, lines 36-46]. By this rationale claim 1 is 
rejected. 

10. Regarding claim 2, Gai-Corl further disclose further comprising expanding the policy 
rules into value groups that represent conditions occurring in the network device associated with 
the policy rules (Gai teaches that the policy rule generating engine creates [see Gai, Col. 1 5, 
lines 5-54, Col. 16, lines 1-43 and Col. 17, lines 23-47]. By this rationale claim 2 is rejected. 

1 1 . Regarding claim 9, Gai-Corl further discloses a computer network [see rejection of claim 
1 , supra], comprising: a first device adapted to disseminate policy rules in the network [see Gai, 
Col. 14, lines 57-67 and Col. 15, lines 1-4]; and a second device adapted to receive the policy 
rules disseminated on the network by the first device (Gai teaches that intermediate devices 
receives rules from the policy rule generating engine), [see Gai, Col. 14, lines 63-67] and 
adapted to: simplifying said policy rules, at least to remove duplicate policy rules and to form 
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simplified policy rules [see rejection of claim 1, supra] based on policy rules, create an access 
control list adapted to configure the at least one device from the filters [see Gai, Col. 14, lines 
63-67, Col. 15, lines 1-16, Col. 16, lines 44-67 and Col. 17, lines 1-2]; and to use the access 
control list to generate access filters from the translated policies [see rejection of claim 1, 
supra]. The motivation that was used in the combination of claim 1, applies equally as well to 
claim 9. By this rationale claim 9 is rejected. 

1 2. Regarding claim 14, Gai-Corl further discloses an article comprising a 
computer-readable medium which stores computer executable instructions for managing policy 
rules on a network, the instructions causing a computer to: simplifying said policy rules, at least 
to remove duplicate policy rules and to form simplified policy rules [see rejection of claim 1, 
supra] based on policy rules, create an access control list adapted to configure the devices from 
the simplified rules [see Gai, Col. 13, lines 60-67 and Col. 14, lines 1-22]; and use the access 
control list to generate access filters (Gai teaches access control lists object contains a list of 
criteria statements to be applied to packets), [see Gai, Col. 15, lines 20-35]. The motivation that 
was used in the combination of claim 1, applies equally as well to claim 14. By this rationale 
claim 14 is rejected. 

13. Regarding claim 15, Gai-Corl discloses further comprising instructions to expand the 
policy rules into value groups, wherein value groups represent conditions occurring in the 
network device associated with the policy rules [see rejection of claim 2, supra]. By this 
rationale claim 15 is rejected. 

14. Regarding claim 18, Gai- Corl further discloses a network device, comprising: a 
configurable management process located on the device having instructions to: receive the 



Application/Control Number: 09/539,927 Page 8 

Art Unit: 2143 

policy rules in a network device; translate the policy rules to a set of simplified rules [see Gai, 
CoL 13, lines 60-67 and Col 14, lines 1-22] at least removing duplicate parts of said rules to 
form said simplified rules [see rejection of claim 1, supra]; create an access control list adapted 
to configure the network device from the simplified rules [see Gai, Col. 14, lines 56-67 and Col. 
15, lines 1-16]; and use the access control list to generate access filters (Gai teaches access 
control lists object contains a list of criteria statements to be applied to packets), [see Gai, Col. 
15, lines 20-35], By this rationale claim 18 is rejected. 

15. Regarding claim 19, Gai-Corl discloses further comprising a connection to an external 
network (Gai teaches the Internet as the external network), [see Gai, Col. 1, lines 12-40]. By this 
rationale claim 19 is rejected. 

16. Regarding claim 20, Gai-Corl further discloses wherein the external network is a local 
area network [see Gai, Col. 1, lines 12-40], By this rationale claim 20 is rejected. 

17. Regarding claim 21, Gai-Corl further discloses wherein the external network is the 
Internet [see Gai, CoL 1, lines 12-40]. By this rationale claim 21 is rejected. 



Claim Rejections - 35 USC §103 
18. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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19. Claims 3-8, 10-13, 16, and 17 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gai-Corl as applied to claims 1, 2, 9, 14 and 15 above, and further in view of Flint et al. 
(Flint), U.S. Patent No. 6,453,419. 

20. Regarding claim 3, Gai-Corl discloses the invention substantially as claimed. 
Eventhough, Gai-Corl does imply certain conditions that are excluded. However, Gai-Corl does 
not explicitly disclose further comprising excluding conditions that would otherwise be implied 
by the rules. 

21. In the same field of endeavor, Flint discloses (e.g., system and method for implementing 
a security policy). Flint discloses further comprising excluding conditions that would otherwise 
be implied by the rules [see Flint, Col. 8, lines 58-64]. 

22. Accordingly, it would have been obvious to one of ordinary skill in the networking art at 
the time the invention was made to have incorporated Flint's teachings of a system and method 
for implementing a security policy with the teachings of Gai-Corl, for the purpose of providing a 
method of presenting and managing access control rules which can easily respond to changes in 
the number of networks and users [see Flint, Col 2, lines 1-3]. By this rationale claim 3 is 
rejected. 

23. Regarding claim 4, Gai-Corl and Flint discloses further comprising resolving 
inconsistent conditions that result from expanding the policy rules and excluding the policy rule 
conditions [see Gai, Col. 15, lines 14-34]. By this rationale claim 4 is rejected. 

24. Regarding claim 5, Gai-Corl and Flint discloses further comprising creating at least one 
array of included or excluded conditions from the policy rules (Flint teaches an array of 
condition for users that apply to policy rules), [see Flint, Col. 8, lines 43-67]. The motivation 
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that was applied to claim 3 above applies equally as well to claim 5. By this rationale claim 5 is 
rejected. 

25. Regarding claim 6, Gai-Corl and Flint further discloses wherein generating the access 
filters further comprises: adding filters adapted to control access of a device to another 
component in the network [see Gai, Col. 3, lines 65-67]. By this rationale claim 6 is rejected. 

26. Regarding claim 7, Gai-Corl and Flint discloses further comprising generating deny 
filters by combining the at least one array of excluded conditions and the at least one array of 
included conditions [see rejection of claim 6, supra]. By this rationale claim 7 is rejected. 

27. Regarding claim 8, Gai-Corl and Flint discloses further comprising generating permit 
fillers by combining the at least one of the arrays of the included conditions with the remaining 
arrays of included conditions [see Flint, Col. 8, lines 43-67]. The motivation that was used to 
combine claim 3, applies equally as well to claim 8. By this rationale claim 8 is rejected. 

28. Regarding claim 10, Gai-Corl and Flint further discloses wherein the second device 
further comprises a permit filter [see Flint, Col. 4, lines 12-66]. The motivation that was used to 
combine claim 3, applies equally as well to claim 10. By this rationale claim 10 is rejected. 

29. Regarding claim 11, Gai-Corl and Flint discloses further comprising a plurality of 
data-storage devices [see Gai, Col. 9, lines 58-62] adapted to permit access to the second device 
[see Flint, Col. 4, lines 12-66]. The motivation that was used to combine claim 3, applies equally 
as well to claim 10. By this rationale claim 11 is rejected. 

30. Regarding claim 12, Gai-Corl and Flint further discloses wherein the second device 
further comprises a deny filter [see Flint, Col. 4, lines 12-66]. The motivation that was used to 
combine claim 3, applies equally as well to claim 12. By this rationale claim 12 is rejected. 
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3 1 . Regarding claim 13, Gai-Corl and Flint discloses further comprising a plurality of 
data-storage devices adapted to deny access to the second device [see Flint, Col 4, lines 12-66]. 
The motivation that was used to combine claim 3, applies equally as well to claim 13. By this 
rationale claim 13 is rejected. 

32. Regarding claim 16, Gai-Corl and Flint discloses wherein the instructions to translate the 
policy rules further includes instructions to exclude conditions that would otherwise be implied 
by the policy rules [see rejection of claim 3, supra]. By this rationale claim 16 is rejected. 

33. Regarding claim 17, Gai-Corl and Flint discloses wherein the instructions to translate the 
policy rules further includes instructions to resolve inconsistent conditions that result from 
expanding the policy rules and excluding the policy rule conditions [see Flint, Col. 10, lines 20- 
67]. The motivation that was used to combine claim 3, applies equally as well to claim 17. By 
this rationale claim 17 is rejected. 



Response to Arguments 

34. Applicant's arguments include the failure of previously applied art to expressly disclose, 
"simplifying said policy rules at least to remove duplicate policy rules and to form simplified 
policy rules (See Response, Paper#7, page 8). It is evident from the detailed mappings found in 
the above rejection(s) that Gai-Corl and Flint disclosed this functionality [see Corl, Col. 10, lines 
21-33 and Col. 12, lines 36-51). Further, it is clear from the numerous teachings (previously and 
currently cited) that the provision for "simplifying said policy rules at least to remove duplicate 
policy rules and to form simplified policy rules", was widely implemented in the networking art. 
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Thus, Applicant's arguments drawn toward distinction of the claimed invention and the prior art 
teachings on this point are not considered persuasive. 

35. Again, it is the Examiner's position that Applicant has not yet submitted claims drawn to 
limitations, which define the operation and apparatus of Applicant's disclosed invention in 
manner, which distinguishes over the prior art. As it is Applicant's right to continue to claim as 
broadly as possible their invention. It is also the Examiner's right to continue to interpret the 
claim language as broadly as possible. It is the Examiner's position that the detailed 
functionality that allows for Applicant's invention to overcome the prior art used in the rejection, 
fails to differentiate in detail how these features are unique [see pages 6-7]. As it is extremely 
well known in the networking art as already shown by Gai-Corl and Flint as well as other prior 
arts of records disclosed, "obtaining policy rule, and simplifying said policy rules, at least to 
remove duplicate policy rules and to form simplified policy rules" as well as other claimed 
features of Applicant's invention. Thus, it is clear that Applicant must submit amendments to the 
claims in order to distinguish over the prior art use in the rejection that discloses different 
features of Applicant's claim invention. It is suggested that Applicant expound in more detail 
the conditions as well as group expansion and group exclusion [see pages 6 and 7 of Applicant's 
specification]. 

36. Failure for Applicant to significantly narrow definition/scope of the claims and supply 
arguments commensurate in scope with the claims implies the Applicant intends broad 
interpretation be given to the claims. The Examiner has interpreted the claims with scope 
parallel to the Applicant in the response, and reiterates the need for the Applicant to more clearly 
and distinctly, define the claimed invention. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to William C. Vaughn, Jr. whose telephone number is (703) 306-9129. The 
examiner can normally be reached on 8:00-6:00, 1st and 2nd Friday Off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A Wiley can be reached on (703) 308-5221. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-2 1 7-9 1 97 (toll-free). , 




William C. Vaughn>4r. 
Patent Examiner 
Art Unit 2143 
06 April 2004 



